Re: root kits on linux



On Sun, 16 Jul 2006, in the Usenet newsgroup alt.os.linux.suse, in article
<44b9af59$0$22362$afc38c87@xxxxxxxxxxxxxxxxxxxx>, Spoken4 wrote:

> Is linux susceptible to root kits? The recent talk of these as ways of
> attacking PCs and the Sony debacle has left me wondering.

It's running on a computer. Thus, it is susceptible.

It's being run by users. Thus, it is susceptible.

No matter what you've read, you have to remember one thing. To get to
the system, they have to be root. Are you running as root? If no, then
any bad stuff you may install will only affect you UNLESS it can find
a means to elevate its own privileges. Not unheard of. If you are
running as root, then you're back in the windoze security model, where
anyone can trash the system.

> Apart from regularly updating my system, is there a way I can check that I
> haven't been compromised (if 10.1 is at risk)?

Where are you getting your software from? The major advantage of an open
software like Linux is the fact that we have the source, and can look at
it. You may not (I certainly don't) have the skill (or time) to go over
each and every line of code, but a heck of a lot of others can and do.

There's another advantage. Assuming you can't resist getting and installing
that n34t0 helper tool that remembers your password and takes you directly
to your favorite pr0n site, you've got to work a bit to find a compatible
version. Much as some would like to think so, SuSE (or Mand*, or Fedora or
Ubuntu, or what-ever) isn't the only Linux distribution, any more than 10.1
is the only version of SuSE. Thus, you might even have to _compile_ the
mal-ware... and we know that every Linux user does that at the drop of a
hat. That also assumes you have the compiler and development tools and
libraries installed. The other possibility is that the mal-ware provider has
got to supply pre-compiled packages (which kind? .rpms? .debs? Statically
linked .tgzs?) for more than one distribution (hey, what about the guys
running *BSD... * ??? yeah, there's at least 4 of those in use too), and
that is too much like geek work.

---------------------
Social Engineering - Because there's no patch for human stupidity.
---------------------
Uncrackable computers are already available. It's uncrackable users that
are in short supply.
---------------------

Old guy